Backbone Consultants has the expertise to guide your company effectively through the Privacy Shield (formerly Safe Harbor) self-certification process. As regulations begin to tighten on the protection of personally identifiable information (PII), it is mandated that adequate safeguards be implemented in order to allow the transfer of user personal data between the United States and the European Union.
Governing Agencies: Backbone understands that the identification of the Privacy Shield authoritative bodies is paramount to understanding the compliance process. The European Commission has partnered with the U.S. Department of Commerce to put in place a governing agreement in which commercial transfer of data can transfer across the Atlantic. For U.S. companies depending on the type of business being operated, the DOC has two branches of enforcement the Department of Transportation (DOT) or the Federal Trade Commission (FTC). Through inquiry, Backbone will identify the correct governing agency that will be responsible for enforcing Privacy Shield compliance.
Privacy Principles Framework: Backbone has closely analyzed each of the Privacy Shield (U.S.-EU) Privacy Principles and broken out their specific requirements into actionable controls that can be tested. By evaluating these controls, Backbone can more easily understand ownership and obtain evidence supporting the compliance of each principle. The Privacy Principles assessed include: Notice, Choice, Onward Transfer, Security, Data Integrity, Access, and Enforcement.
Arbitration Dispute Resolution (ADR): The Privacy Principle of Enforcement requires a company to establish an independent recourse mechanism in order to resolve privacy related disputes. Backbone has evaluated each of the industry leaders in arbitration dispute resolution (ADR) services and understands their fee structure and how they can effectively resolve complaints. Our consultant will narrow the ADR providers and assist in the selection process and establishment of a formal agreement to meet the needs of the company and comply with Privacy Shield.
Self-Certification: Backbone has reviewed the application requirements and understands the self-certification application process with the Department of Commerce. Our work product and compliance framework will allow your organization to independently and easily reassess and self-certify annually thereafter.
Backbone’s Privacy Shield compliance services can provide your company with the skills necessary to achieve Privacy Shield certification. By partnering with our team of professionals, Backbone can help your company give assurance to customers that their personal data is handled with care and not exposed to unnecessary risk.
EU-US Privacy Shield Compliance